Table Of Contents
QoS: Per-Session Shaping and Queuing on LNS
Prerequisites for Per-Session Shaping and Queuing on LNS
Restrictions for Per-Session Shaping and Queuing on LNS
Information About Per-Session Shaping and Queuing on LNS
Benefits of Per-Session Shaping and Queuing
Per-Session Shaping and Queuing Sample Topology
Two Methods for Configuring Per-Session Shaping and Queuing on LNS
How to Configure Per-Session Shaping and Queuing on LNS
Configuring Per-Session Queuing and Shaping Using a Virtual Template
Associating the Policy Map with a Virtual Template
Configuring Per-Session Shaping and Queuing using a RADIUS Server
Adding the Cisco QoS AV Pairs to the User Profile on the RADIUS Server
Configuration Examples for Per-Session Shaping and Queuing on LNS
Configuring the Policy Map: Example
Associating the Policy Map with a Virtual Template: Example
Adding the Cisco QoS AV Pairs to the User Profile on the RADIUS Server: Example
Verifying the Configuration: Example
QoS: Per-Session Shaping and Queuing on LNS
First Published: February 28, 2006The QoS: Per-Session Shaping and Queuing on LNS feature provides the ability to shape (for example, transmit or drop) or queue (for transmission later) the traffic going from an Internet service provider (ISP) to an ISP subscriber over Layer 2 Tunneling Protocol (L2TP) Network Server (LNS). With this feature, the outgoing traffic is shaped or queued on a per-session basis.
History for the QoS: Per-Session Shaping and Queuing on LNS Feature
Finding Support Information for Platforms and Cisco IOS Software Images
Use Cisco Feature Navigator to find information about platform support and Cisco IOS software image support. Access Cisco Feature Navigator at http://www.cisco.com/go/fn. You must have an account on Cisco.com. If you do not have an account or have forgotten your username or password, click Cancel at the login dialog box and follow the instructions that appear.
Contents
•Prerequisites for Per-Session Shaping and Queuing on LNS
•Restrictions for Per-Session Shaping and Queuing on LNS
•Information About Per-Session Shaping and Queuing on LNS
•How to Configure Per-Session Shaping and Queuing on LNS
•Configuration Examples for Per-Session Shaping and Queuing on LNS
Prerequisites for Per-Session Shaping and Queuing on LNS
•Verify that the PPPoE (or PPPoA) sessions are enabled.
•Verify that L2TP resequencing is disabled.
•This feature uses policy maps in which queuing mechanisms (such as class-based weighted fair queuing [CBWFQ]) are configured.
A policy map can be configured for a session and for an outgoing interface. With this feature, a policy map (in which a queuing mechanism is configured) cannot be used for both the session and the outgoing interface simultaneously. If a queuing mechanism is in both policy maps, one of these policy maps must be disabled.
Restrictions for Per-Session Shaping and Queuing on LNS
•This feature does not support L2TP sequencing.
Information About Per-Session Shaping and Queuing on LNS
To use the QoS: Per-Session Shaping and Queuing on LNS feature, you should understand the following concepts:
•Benefits of Per-Session Shaping and Queuing
•Per-Session Shaping and Queuing Sample Topology
•Two Methods for Configuring Per-Session Shaping and Queuing on LNS
Benefits of Per-Session Shaping and Queuing
The ability to shape or queue traffic on a per-session basis helps to avoid traffic congestion and allows the ISP to adhere to the Service Level Agreement (SLA) established for handling traffic. Shaping or queuing traffic on a per-session basis provides a higher degree of granularity when managing traffic on the network.
Per-Session Shaping and Queuing Sample Topology
Figure 1 is a sample topology for per-session shaping and queuing on LNS.
Figure 1 Per-Session Shaping and Queuing Topology (PPP Sessions Forwarded)
In this simplified topology example, downstream traffic is forwarded from the ISP (the source) to an ISP subscriber (the destination) during a PPP session. From an LNS at the ISP, the traffic is transmitted over an L2TP tunnel to an L2TP Access Concentrator (LAC), and then to the subscriber.
Figure 2 illustrates per-session shaping and queuing using a PPP termination and aggregation (PTA) topology.
Figure 2 Per-Session Shaping and Queuing Using a PTA Topology
In this simplified topology example, the downstream traffic is forwarded from the ISP (the source) over a LAC to an ISP subscriber (the destination) during a PPP session.
Per-Session Traffic Shaping
Traffic shaping allows you to control the traffic going out an interface in order to match its flow to the speed of the remote target interface. Traffic shaping ensures that the traffic conforms to policies contracted for it. Thus, traffic adhering to a particular profile can be shaped to meet downstream requirements, eliminating bottlenecks in topologies with data-rate mismatches.
A traffic shaper typically delays excess traffic using a buffer, or a similar mechanism, to hold packets and shape the flow when the data rate of the source is higher than expected.
The QoS: Per-Session Shaping and Queuing on LNS feature supports traffic shaping. With this feature, traffic shaping is implemented on a per-session basis (that is, when traffic arrives at the interface).
For more information about traffic shaping, see the Cisco IOS Quality of Service Solutions Configuration Guide, Release 12.4.
Per-Session CBWFQ
WFQ offers dynamic, fair queuing that divides bandwidth across queues of traffic based on weights. WFQ ensures that all traffic is treated fairly, given its weight.
CBWFQ extends the standard WFQ functionality to provide support for user-defined traffic classes. For CBWFQ, you define traffic classes based on match criteria including protocols, access control lists (ACLs), and input interfaces. Packets satisfying the match criteria for a class constitute the traffic for that class. A FIFO queue is reserved for each class, and traffic belonging to a class is directed to the queue for that class.
The QoS: Per-Session Shaping and Queuing on LNS feature supports CBWFQ. With this feature, CBWFQ is implemented on a per-session basis (that is, when traffic arrives at the interface).
For more information on CBWFQ, see the Cisco IOS Quality of Service Solutions Configuration Guide, Release 12.4.
Two Methods for Configuring Per-Session Shaping and Queuing on LNS
When you configure the QoS: Per-Session Shaping and Queuing on LNS feature, you can choose one of the following configuration methods:
•Configure the feature using a virtual template.
This method is considered a "legacy" method. It is of earlier origin and still an available option for those familiar with using virtual templates.
•Configure the feature using a RADIUS server.
This method takes advantage of more recent technology and is the recommended method.
How to Configure Per-Session Shaping and Queuing on LNS
The tasks for configuring the QoS: Per-Session Shaping and Queuing on LNS feature vary according to the configuration method you are using. You can choose to configure the feature using either a virtual template or a RADIUS server.
To configure the feature using a virtual template, see the "Configuring Per-Session Queuing and Shaping Using a Virtual Template" section.
To configure the feature using a RADIUS server, see the "Configuring Per-Session Shaping and Queuing using a RADIUS Server" section.
Configuring Per-Session Queuing and Shaping Using a Virtual Template
This section contains the following tasks:
•Associating the Policy Map with a Virtual Template
Configuring the Policy Map
A policy map specifies the quality of service (QoS) feature to be applied to network traffic. Examples of features that can be specified in a policy map include class-based weighted fair queuing (CBWFQ) and traffic shaping.
To configure the policy map, complete the following steps.
Hierarchical Policy Maps
Policy maps can be configured in a hierarchical structure. That is, policy maps can be configured in levels subordinate to one another. The policy map at the highest level is referred to as the "parent" policy map. A subordinate policy map is referred to as the "child" policy map.
A typical hierarchical policy map structure consists of a parent policy map and one child policy map. Configure the child policy map first; then configure the parent policy map. Both types of policy maps are configured in the same manner.
The parent policy map typically contains one class—the class called class-default. The child policy map can contain multiple classes.
Prerequisites
Before configuring the policy map, create the traffic classes and specify the match criteria used to classify traffic. To create traffic classes and specify match criteria, use the Modular Quality of Service (QoS) Command-Line Interface (CLI) (MQC).
Restrictions
The following restrictions apply to hierarchical policy maps:
•Specify CBWFQ in the child policy map only. CBWFQ cannot be specified in the parent policy map.
•Traffic shaping can be specified in either the parent policy map or the child policy map.
However, for this feature, you must specify traffic shaping in the parent policy map. Specifying traffic shaping in the child policy map is optional.
SUMMARY STEPS
1. enable
2. configure terminal
3. policy-map policy-map-name
4. class {class-name | class-default}
5. shape [average | peak] mean-rate [burst-size] [excess-burst-size]
6. bandwidth {bandwidth-kbps | remaining percent percentage | percent percentage}
7. service-policy {input | output} policy-map-name
8. exit
DETAILED STEPS
What to Do Next?
So far, you have created and configured a policy map. If you want to configure additional policy maps (for example, a parent policy map for use in a hierarchical policy map structure), repeat the steps in "Configuring the Policy Map" section to configure any additional policy maps.
Otherwise, advance to the "Associating the Policy Map with a Virtual Template" section.
Note If you are using a RADIUS server, after configuring a policy map, advance to the "Adding the Cisco QoS AV Pairs to the User Profile on the RADIUS Server" section.
Associating the Policy Map with a Virtual Template
To associate the policy map (where the QoS features are specified) with the virtual template, complete the following steps.
Virtual Templates and Policy Maps
A virtual template is a logical interface configured with generic configuration information for a specific purpose or with configuration information common to specific users, plus router-dependent information. The template takes the form of a list of Cisco IOS interface commands that are applied to virtual access interfaces, as needed.
A virtual template is configured (defined) on an interface. When a session is enabled (that is, when a packet arrives at the interface), the virtual template inherits the QoS features specified in the policy map for use during the session.
SUMMARY STEPS
1. enable
2. configure terminal
3. interface virtual-template number
4. service-policy {input | output} policy-map-name
5. exit
DETAILED STEPS
Verifying the Configuration
After configuring the policy maps (as many as needed) and associating the policy map(s) with the virtual template on the interface, you may want to verify the configuration. The verification tasks allow you to see whether the policy maps are configured the way you intended.
To verify the configuration, complete the follows steps.
SUMMARY STEPS
1. enable
2. show policy-map session [uid uid-number] [input | output [class class-name]]
3. exit
DETAILED STEPS
What to Do Next?
After verifying the configuration, advance to the "Configuration Examples for Per-Session Shaping and Queuing on LNS" section.
Configuring Per-Session Shaping and Queuing using a RADIUS Server
This section contains the following tasks:
•Adding the Cisco QoS AV Pairs to the User Profile on the RADIUS Server
Configuring the Policy Map
A policy map specifies the quality of service (QoS) feature to be applied to network traffic. Examples of features that can be specified in a policy map include class-based weighted fair queuing (CBWFQ) and traffic shaping.
To configure the policy map, complete the procedure in the "Configuring the Policy Map" section.
After configuring the policy map, return here and complete the steps in "Adding the Cisco QoS AV Pairs to the User Profile on the RADIUS Server" section.
Adding the Cisco QoS AV Pairs to the User Profile on the RADIUS Server
To configure QoS on the RADIUS server, you must add two Cisco QoS AV pairs to the subscriber's user profile on the RADIUS server. To add the Cisco QoS AV pairs to the subscriber's user profile, complete the following steps on the RADIUS server.
Cisco AV Pairs and VSAs
Cisco AV pairs are part of vendor-specific attributes (VSAs) that allow a policy map to be applied to the LNS. Cisco AV pairs are a combination of an attribute and a value. The purpose of Cisco VSA (attribute 26) is to communicate vendor-specific information between the LNS and the RADIUS server. The Cisco VSA encapsulates vendor-specific attributes that allow vendors such as Cisco to support their own extended attributes.
For this configuration, one of two Cisco AV pairs can be used (formatted as shown below):
•lcp:interface-config=service-policy output/input <policy name>
This Cisco AV pair is considered a "legacy" AV pair. It is of earlier origin but is still an available choice.
•sub-qos-policy-in/out=<policy name>
This Cisco AV pair takes advantage of more recent technology and is the recommended choice. This Cisco AV pair is the one shown in the configuration tasks and examples.
The Cisco AV pair is added to the subscriber's user file on the RADIUS server. A subscriber's user file contains an entry for each user that the RADIUS server will authenticate. Each entry establishes an attribute the user can access.
When looking at a user file, the data to the left of the equal sign (=) is an attribute defined in the dictionary file, and the data to the right of the equal sign is the configuration data.
The Cisco AV pair identifies the policy map that was used to configure the specific QoS features. When the LNS requests the policy map name (specified in the Cisco AV pair), the policy map is pulled to the LNS from the RADIUS server when the session is established. The Cisco AV pair applies the appropriate policy map (and, therefore, the QoS feature) directly to the LNS from the RADIUS server.
Prerequisites
•Authentication, authorization, and accounting (AAA) must be enabled.
•The RADIUS server must be configured.
•The subscriber's user profile on the RADIUS server must be created.
•The PPP session is established.
•A policy map is configured.
SUMMARY STEPS
1. sub-qos-policy-in/out=<policy name>
DETAILED STEPS
Verifying the Configuration
After adding the Cisco QoS AV pair to the subscriber's user profile, you may want to verify the configuration. The verification tasks allow you to see whether the policy maps are configured the way you intended.
To verify the configuration, complete the follows steps.
SUMMARY STEPS
1. enable
2. show policy-map session [uid uid-number] [input | output [class class-name]]
3. exit
DETAILED STEPS
Configuration Examples for Per-Session Shaping and Queuing on LNS
This section contains the following examples:
•Configuring the Policy Map: Example
•Associating the Policy Map with a Virtual Template: Example
•Adding the Cisco QoS AV Pairs to the User Profile on the RADIUS Server: Example
•Verifying the Configuration: Example
Configuring the Policy Map: Example
This section contains an example of a hierarchical policy map configuration. In this example, two policy maps, one called "parent" (the primary or parent policy map) and one called "child" (the secondary or child policy map) have been configured.
In this example, traffic shaping has been enabled in the parent policy map, and CBWFQ has been enabled in the child policy map. The service-policy command has been used to attach the policy map called child to the virtual template interface in the outgoing direction of the interface.
Router> enableRouter# configure terminalRouter(config)# policy-map childRouter(config-pmap)# class class1Router(config-pmap-c)# bandwidth percent 30Router(config-pmap-c)# exitRouter> enableRouter# configure terminalRouter(config)# policy-map parentRouter(config-pmap)# class class-defaultRouter(config-pmap-c)# shape average 128000Router(config-pmap-c)# service-policy childRouter(config-pmap-c)# exitAssociating the Policy Map with a Virtual Template: Example
This section contains an example of associating a policy map with a virtual template. In this example, the policy map called "parent" is associated with virtual template 1. For a hierarchical policy map structure, the policy map can be either the parent or child policy map.
Router> enableRouter# configure terminalRouter(config)# interface virtual-template 1Router(config-if)# service-policy output parentRouter(config-if)# exitAdding the Cisco QoS AV Pairs to the User Profile on the RADIUS Server: Example
The following is an example of a subscriber's user profile in which the Cisco QoS AV pairs have been added.
The first three lines contain the user password, the service type, and the protocol type. This information is entered into the subscriber's user profile when the user profile is first created.
The last line is an example of the Cisco QoS AV pair added to the user profile.
userid Password ="cisco"Service-Type = Framed,Framed-Protocol = PPP,cisco-avpair = "sub-qos-policy-in/out=parent"Verifying the Configuration: Example
The following is sample output of the show policy-map session command used to verify the configuration. The sample output allows you to verify the content of the policy maps to ensure that the policy maps are configured the way you intended (that is, that traffic shaping and traffic queuing are enabled and reporting statistics as expected).
Router# show policy-map sessionSSS session identifier 1 -Service-policy output: parentClass-map: class-default (match-any)0 packets, 0 bytes30 second offered rate 0 bps, drop rate 0 bpsMatch: any0 packets, 0 bytes30 second rate 0 bpsQueueingqueue limit 128 packets(queue depth/total drops/no-buffer drops) 0/0/0(pkts output/bytes output) 0/0shape (average) cir 512000, bc 12800, be 12800target shape rate 512000Service-policy : childClass-map: prec0 (match-all)0 packets, 0 bytes30 second offered rate 0 bps, drop rate 0 bpsMatch: ip precedence 0Queueingqueue limit 38 packets(queue depth/total drops/no-buffer drops) 0/0/0(pkts output/bytes output) 0/0bandwidth 30% (153 kbps)Class-map: prec2 (match-all)0 packets, 0 bytes30 second offered rate 0 bps, drop rate 0 bpsMatch: ip precedence 2Queueingqueue limit 44 packets(queue depth/total drops/no-buffer drops) 0/0/0(pkts output/bytes output) 0/0shape (average) cir 212000, bc 7632, be 7632target shape rate 212000Class-map: class-default (match-any)0 packets, 0 bytes30 second offered rate 0 bps, drop rate 0 bpsMatch: any0 packets, 0 bytes30 second rate 0 bpsqueue limit 44 packets(queue depth/total drops/no-buffer drops) 0/0/0(pkts output/bytes output) 0/0Additional References
The following sections provide references related to the QoS: Per-Session Shaping and Queuing on LNS feature.
Related Documents
Related Topic Document TitleQoS commands: complete command syntax, command modes, command history, defaults, usage guidelines, and examples
Cisco IOS Quality of Service Solutions Command Reference
Traffic shaping
Cisco IOS Quality of Service Solutions Configuration Guide, Release 12.4
Packet classification
Cisco IOS Quality of Service Solutions Configuration Guide, Release 12.4
Class maps, policy maps, hierarchical policy maps, and MQC
Cisco IOS Quality of Service Solutions Configuration Guide, Release 12.4
CBWFQ
Cisco IOS Quality of Service Solutions Configuration Guide, Release 12.4
Enabling PPPoE and PPPoA sessions
"Broadband Access" section of the Cisco IOS Wide-Area Networking Configuration Guide, Release 12.4
Virtual templates
Cisco IOS Dial Technologies Configuration Guide, Release 12.4
RADIUS attributes, user files, and dictionary
Cisco IOS Security Configuration Guide, Release 12.4
RADIUS servers and AAA
Cisco IOS Security Configuration Guide, Release 12.4
Classification, policing, and marking on LAC
QoS: Classification, Policing, and Marking on LAC feature module, Cisco IOS Release 12.3(8)T
Standards
MIBs
MIB MIBs LinkNone
To locate and download MIBs for selected platforms, Cisco IOS releases, and feature sets, use Cisco MIB Locator found at the following URL:
RFCs
Technical Assistance
Command Reference
This section documents one modified command only.
show policy-map session
To display the quality of service (QoS) policy map in effect for the Subscriber Service Switch (SSS) session, use the show policy-map session command in user EXEC or privileged EXEC mode.
show policy-map session [uid uid-number] [input | output [class class-name]]
Syntax Description
Command Modes
User EXEC
Privileged EXECCommand History
Release Modification12.3(8)T
This command was introduced.
12.2(28)SB
This command was integrated into Cisco IOS Release 12.2(28)SB.
Usage Guidelines
Use the show policy-map session command with the uid keyword to verify the QoS policy map of a unique session ID in the input and output streams in the SSS session.
Use the show policy-map session command with the optional class class-name keyword argument combination to display statistics for a particular class. If you use the show policy-map session command without the class class-name keyword argument combination, statistics for all the classes defined in the QoS policy map display.
Examples
The following example from the show policy-map session command displays QoS policy-map statistics for traffic in the downstream direction for the QoS policy maps configured:
Router# show policy-map session uid 401 outputSSS session identifier 401 -Service-policy output: downstream-policyClass-map: customer1234 (match-any)4464 packets, 249984 bytes5 minute offered rate 17000 bps, drop rate 0 bpsMatch: ip dscp cs1 cs2 cs3 cs44464 packets, 249984 bytes5 minute rate 17000 bpsQoS Setdscp af11Packets marked 4464Class-map: customer56 (match-any)2232 packets, 124992 bytes5 minute offered rate 8000 bps, drop rate 0 bpsMatch: ip dscp cs5 cs62232 packets, 124992 bytes5 minute rate 8000 bpspolice:cir 20000 bps, bc 10000 bytespir 40000 bps, be 10000 bytesconformed 2232 packets, 124992 bytes; actions:set-dscp-transmit af21exceeded 0 packets, 0 bytes; actions:set-dscp-transmit af22violated 0 packets, 0 bytes; actions:set-dscp-transmit af23conformed 8000 bps, exceed 0 bps, violate 0 bpsClass-map: customer7 (match-any)1116 packets, 62496 bytes5 minute offered rate 4000 bps, drop rate 4000 bpsMatch: ip dscp cs71116 packets, 62496 bytes5 minute rate 4000 bpsdropClass-map: class-default (match-any)1236 packets, 68272 bytes5 minute offered rate 4000 bps, drop rate 0 bpsMatch: anyTable 1 describes the significant fields shown in the display.
The following example from the show policy-map session command displays QoS policy-map statistics for traffic in the upstream direction for all the QoS policy maps configured:
Router# show policy-map session uid 401 inputSSS session identifier 401 -Service-policy input: upstream-policyClass-map: class-default (match-any)1920 packets, 111264 bytes5 minute offered rate 7000 bps, drop rate 5000 bpsMatch: anypolice:cir 8000 bps, bc 1500 bytesconformed 488 packets, 29452 bytes; actions:transmitexceeded 1432 packets, 81812 bytes; actions:dropconformed 7000 bps, exceed 5000 bpsTable 2 describes the significant fields shown in the display.
Related Commands
Glossary
L2TP—Layer 2 Tunneling Protocol. An Internet Engineering Task Force (IETF) standards track protocol defined in RFC 2661 that provides tunneling of PPP. Based upon the best features of L2F and PPTP, L2TP provides an industry-wide interoperable method of implementing virtual private dialup network (VPDN).
LAC—Layer 2 Tunneling Protocol (L2TP) access concentrator. A node that acts as one side of an L2TP tunnel endpoint and is a peer to the L2TP network server (LNS). The LAC sits between an LNS and a remote system and forwards packets to and from each. Packets sent from the LAC to the LNS require tunneling with the L2TP protocol. The connection from the LAC to the remote system is either local or a PPP link.
LNS—L2TP Network Server. A node that acts as one side of an L2TP tunnel endpoint and is a peer to the L2TP access concentrator (LAC). The LNS is the logical termination point of a PPP session that is being tunneled from the remote system by the LAC.
PPP—Point-to-Point Protocol. A protocol that provides router-to-router and host-to-network connections over synchronous and asynchronous circuits. PPP is designed to work with several network layer protocols, such as IP, Internetwork Packet Exchange (IPX), and AppleTalk Remote Access (ARA).
PPPoA—Point-to-Point Protocol over ATM. A feature that allows a PPP session to be initiated on a simple bridging ATM connected client. PPPoA provides the ability to connect a network of hosts over a simple bridging access device to a remote access concentrator or aggregation concentrator.
PPPoE—Point-to-Point Protocol over Ethernet. A feature that allows a PPP session to be initiated on a simple bridging Ethernet connected client. PPPoE provides the ability to connect a network of hosts over a simple bridging access device to a remote access concentrator or aggregation concentrator.
QoS—quality of service. A measure of performance for a transmission system that reflects its transmission quality and service availability.
SSS—Subscriber Service Switch. A switch that provides flexibility on where and how many subscribers are connected to available services and how those services are defined. The primary focus of SSS is to direct PPP from one point to another using a Layer 2 subscriber policy. The policy will manage tunneling of PPP in a policy-based bridging fashion.
Note See Internetworking Terms and Acronyms for terms not included in this glossary.
Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and coincidental.
© 2006 Cisco Systems, Inc. All rights reserved.